lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch '5.0' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source
This commit is contained in:
Laurent Destailleur 2017-02-28 11:49:10 +01:00
commit 40b412728f
6 changed files with 239 additions and 199 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/core/tpl/objectline_edit.tpl.php
View File

@ -124,13 +124,13 @@ $coldisplay=-1; // We remove first td
if (!empty($conf->multicurrency->enabled)) {
$colspan++;
print '<td align="right"><input rel="'.$object->multicurrency_tx.'" type="text" class="flat" size="8" id="multicurrency_subprice" name="multicurrency_subprice" value="'.price($line->multicurrency_subprice).'" /></td>';
print '<td align="right"><input rel="'.$object->multicurrency_tx.'" type="text" class="flat" size="5" id="multicurrency_subprice" name="multicurrency_subprice" value="'.price($line->multicurrency_subprice).'" /></td>';
}
if ($inputalsopricewithtax)
{
$coldisplay++;
print '<td align="right"><input type="text" class="flat" size="8" id="price_ttc" name="price_ttc" value="'.(isset($line->pu_ttc)?price($line->pu_ttc,0,'',0):'').'"';
print '<td align="right"><input type="text" class="flat" size="5" id="price_ttc" name="price_ttc" value="'.(isset($line->pu_ttc)?price($line->pu_ttc,0,'',0):'').'"';
if ($this->situation_counter > 1) print ' readonly';
print '></td>';
}

3
htdocs/core/triggers/interface_20_all_Logevents.class.php
View File

@ -175,6 +175,9 @@ class InterfaceLogevents extends DolibarrTriggers
}
*/
// Add more information into desc from the context property
if (! empty($desc) && ! empty($object->context['audit'])) $desc.=' - '.$object->context['audit'];
// Add entry in event table
include_once DOL_DOCUMENT_ROOT.'/core/class/events.class.php';

301
htdocs/user/card.php
View File

@ -318,178 +318,175 @@ if (empty($reshook)) {
$error ++;
}
if (!$error) {
if (!$error)
{
$object->fetch($id);
$object->oldcopy = clone $object;
if (!$error) {
$db->begin();
$db->begin();
$object->oldcopy = clone $object;
$object->lastname = GETPOST("lastname", 'alpha');
$object->firstname = GETPOST("firstname", 'alpha');
$object->login = GETPOST("login", 'alpha');
$object->gender = GETPOST("gender", 'alpha');
$object->pass = GETPOST("password");
$object->api_key = (GETPOST("api_key", 'alpha')) ? GETPOST("api_key", 'alpha') : $object->api_key;
if (! empty($user->admin)) $object->admin = GETPOST("admin"); // admin flag can only be set/unset by an admin user. A test is also done later when forging sql request
$object->address = GETPOST('address', 'alpha');
$object->zip = GETPOST('zipcode', 'alpha');
$object->town = GETPOST('town', 'alpha');
$object->country_id = GETPOST('country_id', 'int');
$object->state_id = GETPOST('state_id', 'int');
$object->office_phone = GETPOST("office_phone", 'alpha');
$object->office_fax = GETPOST("office_fax", 'alpha');
$object->user_mobile = GETPOST("user_mobile");
$object->skype = GETPOST("skype", 'alpha');
$object->email = GETPOST("email", 'alpha');
$object->job = GETPOST("job", 'alpha');
$object->signature = GETPOST("signature");
$object->accountancy_code = GETPOST("accountancy_code");
$object->openid = GETPOST("openid");
$object->fk_user = GETPOST("fk_user") > 0 ? GETPOST("fk_user") : 0;
$object->employee = GETPOST('employee');
$object->lastname = GETPOST("lastname", 'alpha');
$object->firstname = GETPOST("firstname", 'alpha');
$object->login = GETPOST("login", 'alpha');
$object->gender = GETPOST("gender", 'alpha');
$object->pass = GETPOST("password");
$object->api_key = (GETPOST("api_key", 'alpha')) ? GETPOST("api_key", 'alpha') : $object->api_key;
if (! empty($user->admin)) $object->admin = GETPOST("admin"); // admin flag can only be set/unset by an admin user. A test is also done later when forging sql request
$object->address = GETPOST('address', 'alpha');
$object->zip = GETPOST('zipcode', 'alpha');
$object->town = GETPOST('town', 'alpha');
$object->country_id = GETPOST('country_id', 'int');
$object->state_id = GETPOST('state_id', 'int');
$object->office_phone = GETPOST("office_phone", 'alpha');
$object->office_fax = GETPOST("office_fax", 'alpha');
$object->user_mobile = GETPOST("user_mobile");
$object->skype = GETPOST("skype", 'alpha');
$object->email = GETPOST("email", 'alpha');
$object->job = GETPOST("job", 'alpha');
$object->signature = GETPOST("signature");
$object->accountancy_code = GETPOST("accountancy_code");
$object->openid = GETPOST("openid");
$object->fk_user = GETPOST("fk_user") > 0 ? GETPOST("fk_user") : 0;
$object->employee = GETPOST('employee');
$object->thm = GETPOST("thm") != '' ? GETPOST("thm") : '';
$object->tjm = GETPOST("tjm") != '' ? GETPOST("tjm") : '';
$object->salary = GETPOST("salary") != '' ? GETPOST("salary") : '';
$object->salaryextra = GETPOST("salaryextra") != '' ? GETPOST("salaryextra") : '';
$object->weeklyhours = GETPOST("weeklyhours") != '' ? GETPOST("weeklyhours") : '';
$object->thm = GETPOST("thm") != '' ? GETPOST("thm") : '';
$object->tjm = GETPOST("tjm") != '' ? GETPOST("tjm") : '';
$object->salary = GETPOST("salary") != '' ? GETPOST("salary") : '';
$object->salaryextra = GETPOST("salaryextra") != '' ? GETPOST("salaryextra") : '';
$object->weeklyhours = GETPOST("weeklyhours") != '' ? GETPOST("weeklyhours") : '';
$object->color = GETPOST("color") != '' ? GETPOST("color") : '';
$dateemployment = dol_mktime(0, 0, 0, GETPOST('dateemploymentmonth'), GETPOST('dateemploymentday'), GETPOST('dateemploymentyear'));
$object->dateemployment = $dateemployment;
$object->color = GETPOST("color") != '' ? GETPOST("color") : '';
$dateemployment = dol_mktime(0, 0, 0, GETPOST('dateemploymentmonth'), GETPOST('dateemploymentday'), GETPOST('dateemploymentyear'));
$object->dateemployment = $dateemployment;
if (! empty($conf->multicompany->enabled))
if (! empty($conf->multicompany->enabled))
{
if (! empty($_POST["superadmin"]))
{
if (! empty($_POST["superadmin"]))
{
$object->entity = 0;
}
else if ($conf->multicompany->transverse_mode)
{
$object->entity = 1; // all users in master entity
}
else
{
$object->entity = (! GETPOST('entity', 'int') ? 0 : GETPOST('entity', 'int'));
}
$object->entity = 0;
}
else if ($conf->multicompany->transverse_mode)
{
$object->entity = 1; // all users in master entity
}
else
{
$object->entity = (! GETPOST('entity', 'int') ? 0 : GETPOST('entity', 'int'));
}
}
else
{
$object->entity = (! GETPOST('entity', 'int') ? 0 : GETPOST('entity', 'int'));
}
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost($extralabels, $object);
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost($extralabels, $object);
if ($ret < 0) {
$error ++;
}
if (GETPOST('deletephoto')) {
$object->photo = '';
}
if (!empty($_FILES['photo']['name'])) {
$object->photo = dol_sanitizeFileName($_FILES['photo']['name']);
}
if (!$error) {
$ret = $object->update($user);
if ($ret < 0) {
$error ++;
}
if (GETPOST('deletephoto')) {
$object->photo = '';
}
if (!empty($_FILES['photo']['name'])) {
$object->photo = dol_sanitizeFileName($_FILES['photo']['name']);
}
if (!$error) {
$ret = $object->update($user);
if ($ret < 0) {
$error++;
if ($db->errno() == 'DB_ERROR_RECORD_ALREADY_EXISTS') {
$langs->load("errors");
setEventMessages($langs->trans("ErrorLoginAlreadyExists", $object->login), null, 'errors');
}
else
{
setEventMessages($object->error, $object->errors, 'errors');
}
}
}
if (!$error && isset($_POST['contactid'])) {
$contactid = GETPOST('contactid', 'int');
if ($contactid > 0) {
$contact = new Contact($db);
$contact->fetch($contactid);
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql .= " SET fk_socpeople=".$db->escape($contactid);
if (!empty($contact->socid)) {
$sql .= ", fk_soc=".$db->escape($contact->socid);
}
$sql .= " WHERE rowid=".$object->id;
} else {
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql .= " SET fk_socpeople=NULL, fk_soc=NULL";
$sql .= " WHERE rowid=".$object->id;
}
dol_syslog("usercard::update", LOG_DEBUG);
$resql = $db->query($sql);
if (!$resql) {
$error ++;
setEventMessages($db->lasterror(), null, 'errors');
}
}
if (!$error && !count($object->errors)) {
if (GETPOST('deletephoto') && $object->photo) {
$fileimg = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user').'/logos/'.$object->photo;
$dirthumbs = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user').'/logos/thumbs';
dol_delete_file($fileimg);
dol_delete_dir_recursive($dirthumbs);
}
if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) {
$dir = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user');
dol_mkdir($dir);
if (@is_dir($dir)) {
$newfile = $dir.'/'.dol_sanitizeFileName($_FILES['photo']['name']);
$result = dol_move_uploaded_file($_FILES['photo']['tmp_name'], $newfile, 1, 0, $_FILES['photo']['error']);
if (!$result > 0) {
setEventMessages($langs->trans("ErrorFailedToSaveFile"), null, 'errors');
} else {
// Create thumbs
$object->addThumbs($newfile);
}
} else {
$error ++;
$langs->load("errors");
setEventMessages($langs->trans("ErrorFailedToCreateDir", $dir), $mesgs, 'errors');
}
}
}
if (! $error && ! count($object->errors))
{
// Then we add the associated categories
$categories = GETPOST( 'usercats', 'array' );
$object->setCategories($categories);
}
if (!$error && !count($object->errors)) {
setEventMessages($langs->trans("UserModified"), null, 'mesgs');
$db->commit();
$login = $_SESSION["dol_login"];
if ($login && $login == $object->oldcopy->login && $object->oldcopy->login != $object->login) // Current user has changed its login
{
$error++;
$error++;
if ($db->errno() == 'DB_ERROR_RECORD_ALREADY_EXISTS') {
$langs->load("errors");
setEventMessages($langs->transnoentitiesnoconv("WarningYourLoginWasModifiedPleaseLogin"), null, 'warnings');
setEventMessages($langs->trans("ErrorLoginAlreadyExists", $object->login), null, 'errors');
}
else
{
setEventMessages($object->error, $object->errors, 'errors');
}
}
else {
$db->rollback();
}
if (!$error && isset($_POST['contactid'])) {
$contactid = GETPOST('contactid', 'int');
if ($contactid > 0) {
$contact = new Contact($db);
$contact->fetch($contactid);
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql .= " SET fk_socpeople=".$db->escape($contactid);
if (!empty($contact->socid)) {
$sql .= ", fk_soc=".$db->escape($contact->socid);
}
$sql .= " WHERE rowid=".$object->id;
} else {
$sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql .= " SET fk_socpeople=NULL, fk_soc=NULL";
$sql .= " WHERE rowid=".$object->id;
}
}
dol_syslog("usercard::update", LOG_DEBUG);
$resql = $db->query($sql);
if (!$resql) {
$error ++;
setEventMessages($db->lasterror(), null, 'errors');
}
}
if (!$error && !count($object->errors)) {
if (GETPOST('deletephoto') && $object->photo) {
$fileimg = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user').'/logos/'.$object->photo;
$dirthumbs = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user').'/logos/thumbs';
dol_delete_file($fileimg);
dol_delete_dir_recursive($dirthumbs);
}
if (isset($_FILES['photo']['tmp_name']) && trim($_FILES['photo']['tmp_name'])) {
$dir = $conf->user->dir_output.'/'.get_exdir($object->id, 2, 0, 1, $object, 'user');
dol_mkdir($dir);
if (@is_dir($dir)) {
$newfile = $dir.'/'.dol_sanitizeFileName($_FILES['photo']['name']);
$result = dol_move_uploaded_file($_FILES['photo']['tmp_name'], $newfile, 1, 0, $_FILES['photo']['error']);
if (!$result > 0) {
setEventMessages($langs->trans("ErrorFailedToSaveFile"), null, 'errors');
} else {
// Create thumbs
$object->addThumbs($newfile);
}
} else {
$error ++;
$langs->load("errors");
setEventMessages($langs->trans("ErrorFailedToCreateDir", $dir), $mesgs, 'errors');
}
}
}
if (! $error && ! count($object->errors))
{
// Then we add the associated categories
$categories = GETPOST( 'usercats', 'array' );
$object->setCategories($categories);
}
if (!$error && !count($object->errors)) {
setEventMessages($langs->trans("UserModified"), null, 'mesgs');
$db->commit();
$login = $_SESSION["dol_login"];
if ($login && $login == $object->oldcopy->login && $object->oldcopy->login != $object->login) // Current user has changed its login
{
$error++;
$langs->load("errors");
setEventMessages($langs->transnoentitiesnoconv("WarningYourLoginWasModifiedPleaseLogin"), null, 'warnings');
}
}
else {
$db->rollback();
}
}
}
else

50
htdocs/user/class/user.class.php
View File

@ -378,12 +378,12 @@ class User extends CommonObject
*/
function addrights($rid, $allmodule='', $allperms='', $entity='')
{
global $conf;
global $conf, $user, $langs;
$entity = (! empty($entity)?$entity:$conf->entity);
dol_syslog(get_class($this)."::addrights $rid, $allmodule, $allperms, $entity");
$err=0;
$error=0;
$whereforadd='';
$this->db->begin();
@ -405,7 +405,7 @@ class User extends CommonObject
$subperms=$obj->subperms;
}
else {
$err++;
$error++;
dol_print_error($this->db);
}
@ -443,23 +443,33 @@ class User extends CommonObject
$nid = $obj->id;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights WHERE fk_user = ".$this->id." AND fk_id=".$nid;
if (! $this->db->query($sql)) $err++;
if (! $this->db->query($sql)) $error++;
$sql = "INSERT INTO ".MAIN_DB_PREFIX."user_rights (fk_user, fk_id) VALUES (".$this->id.", ".$nid.")";
if (! $this->db->query($sql)) $err++;
if (! $this->db->query($sql)) $error++;
$i++;
}
}
else
{
$err++;
$error++;
dol_print_error($this->db);
}
}
if ($err) {
if (! $error)
{
$this->context = array('audit'=>$langs->trans("PermissionsAdd"));
// Call trigger
$result=$this->call_trigger('USER_MODIFY',$user);
if ($result < 0) { $error++; }
// End call triggers
}
if ($error) {
$this->db->rollback();
return -$err;
return -$error;
}
else {
$this->db->commit();
@ -480,9 +490,9 @@ class User extends CommonObject
*/
function delrights($rid, $allmodule='', $allperms='', $entity='')
{
global $conf;
global $conf, $user, $langs;
$err=0;
$error=0;
$wherefordel='';
$entity = (! empty($entity)?$entity:$conf->entity);
@ -505,7 +515,7 @@ class User extends CommonObject
$subperms=$obj->subperms;
}
else {
$err++;
$error++;
dol_print_error($this->db);
}
@ -543,21 +553,31 @@ class User extends CommonObject
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_rights";
$sql.= " WHERE fk_user = ".$this->id." AND fk_id=".$nid;
if (! $this->db->query($sql)) $err++;
if (! $this->db->query($sql)) $error++;
$i++;
}
}
else
{
$err++;
$error++;
dol_print_error($this->db);
}
}
if ($err) {
if (! $error)
{
$this->context = array('audit'=>$langs->trans("PermissionsDelete"));
// Call trigger
$result=$this->call_trigger('USER_MODIFY',$user);
if ($result < 0) { $error++; }
// End call triggers
}
if ($error) {
$this->db->rollback();
return -$err;
return -$error;
}
else {
$this->db->commit();

54
htdocs/user/class/usergroup.class.php
View File

@ -249,7 +249,7 @@ class UserGroup extends CommonObject
}
/**
* Ajoute un droit a l'utilisateur
* Add a permission to a group
*
* @param int $rid id du droit a ajouter
* @param string $allmodule Ajouter tous les droits du module allmodule
@ -258,10 +258,10 @@ class UserGroup extends CommonObject
*/
function addrights($rid,$allmodule='',$allperms='')
{
global $conf;
global $conf, $user, $langs;
dol_syslog(get_class($this)."::addrights $rid, $allmodule, $allperms");
$err=0;
$error=0;
$whereforadd='';
$this->db->begin();
@ -283,7 +283,7 @@ class UserGroup extends CommonObject
$subperms=$obj->subperms;
}
else {
$err++;
$error++;
dol_print_error($this->db);
}
@ -323,23 +323,33 @@ class UserGroup extends CommonObject
$nid = $obj->id;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights WHERE fk_usergroup = $this->id AND fk_id=".$nid;
if (! $this->db->query($sql)) $err++;
if (! $this->db->query($sql)) $error++;
$sql = "INSERT INTO ".MAIN_DB_PREFIX."usergroup_rights (fk_usergroup, fk_id) VALUES ($this->id, $nid)";
if (! $this->db->query($sql)) $err++;
if (! $this->db->query($sql)) $error++;
$i++;
}
}
else
{
$err++;
$error++;
dol_print_error($this->db);
}
if (! $error)
{
$this->context = array('audit'=>$langs->trans("PermissionsAdd"));
// Call trigger
$result=$this->call_trigger('GROUP_MODIFY',$user);
if ($result < 0) { $error++; }
// End call triggers
}
}
if ($err) {
if ($error) {
$this->db->rollback();
return -$err;
return -$error;
}
else {
$this->db->commit();
@ -350,7 +360,7 @@ class UserGroup extends CommonObject
/**
* Retire un droit a l'utilisateur
* Remove a permission from group
*
* @param int $rid id du droit a retirer
* @param string $allmodule Retirer tous les droits du module allmodule
@ -359,9 +369,9 @@ class UserGroup extends CommonObject
*/
function delrights($rid,$allmodule='',$allperms='')
{
global $conf;
global $conf, $user, $langs;
$err=0;
$error=0;
$wherefordel='';
$this->db->begin();
@ -383,7 +393,7 @@ class UserGroup extends CommonObject
$subperms=$obj->subperms;
}
else {
$err++;
$error++;
dol_print_error($this->db);
}
@ -424,21 +434,31 @@ class UserGroup extends CommonObject
$sql = "DELETE FROM ".MAIN_DB_PREFIX."usergroup_rights";
$sql.= " WHERE fk_usergroup = $this->id AND fk_id=".$nid;
if (! $this->db->query($sql)) $err++;
if (! $this->db->query($sql)) $error++;
$i++;
}
}
else
{
$err++;
$error++;
dol_print_error($this->db);
}
if (! $error)
{
$this->context = array('audit'=>$langs->trans("PermissionsDelete"));
// Call trigger
$result=$this->call_trigger('GROUP_MODIFY',$user);
if ($result < 0) { $error++; }
// End call triggers
}
}
if ($err) {
if ($error) {
$this->db->rollback();
return -$err;
return -$error;
}
else {
$this->db->commit();

26
htdocs/user/group/card.php
View File

@ -311,15 +311,15 @@ else
print '<table class="border" width="100%">';
// Ref
print '<tr><td width="25%">'.$langs->trans("Ref").'</td>';
print '<td colspan="2">';
print '<tr><td class="titlefield">'.$langs->trans("Ref").'</td>';
print '<td>';
print $form->showrefnav($object,'id','',$user->rights->user->user->lire || $user->admin);
print '</td>';
print '</tr>';
// Name
print '<tr><td width="25%">'.$langs->trans("Name").'</td>';
print '<td width="75%" class="valeur">'.$object->name;
print '<tr><td>'.$langs->trans("Name").'</td>';
print '<td class="valeur">'.$object->name;
if (empty($object->entity))
{
print img_picto($langs->trans("GlobalGroup"),'redstar');
@ -331,12 +331,12 @@ else
{
$mc->getInfo($object->entity);
print "<tr>".'<td class="tdtop">'.$langs->trans("Entity").'</td>';
print '<td width="75%" class="valeur">'.$mc->label;
print '<td class="valeur">'.$mc->label;
print "</td></tr>\n";
}
// Note
print '<tr><td width="25%" class="tdtop">'.$langs->trans("Description").'</td>';
print '<tr><td class="tdtop">'.$langs->trans("Description").'</td>';
print '<td class="valeur">'.dol_htmlentitiesbr($object->note).'&nbsp;</td>';
print "</tr>\n";
@ -397,8 +397,8 @@ else
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<input type="hidden" name="action" value="adduser">';
print '<table class="noborder" width="100%">'."\n";
print '<tr class="liste_titre"><td class="liste_titre" width="25%">'.$langs->trans("NonAffectedUsers").'</td>'."\n";
print '<td>';
print '<tr class="liste_titre"><td class="titlefield liste_titre">'.$langs->trans("NonAffectedUsers").'</td>'."\n";
print '<td class="liste_titre">';
print $form->select_dolusers('', 'user', 1, $exclude, 0, '', '', $object->entity, 0, 0, '', 0, '', 'maxwidth300');
print ' &nbsp; ';
// Multicompany
@ -491,7 +491,7 @@ else
}
else
{
print '<tr><td colspan=2 class="opacitymedium">'.$langs->trans("None").'</td></tr>';
print '<tr><td colspan="6" class="opacitymedium">'.$langs->trans("None").'</td></tr>';
}
print "</table>";
print "<br>";
@ -509,8 +509,8 @@ else
dol_fiche_head($head, 'group', $title, 0, 'group');
print '<table class="border" width="100%">';
print '<tr><td width="25%" valign="top" class="fieldrequired">'.$langs->trans("Name").'</td>';
print '<td width="75%" class="valeur"><input size="15" type="text" name="group" value="'.$object->name.'">';
print '<tr><td class="titlefield fieldrequired">'.$langs->trans("Name").'</td>';
print '<td class="valeur"><input size="15" type="text" name="group" value="'.$object->name.'">';
print "</td></tr>\n";
// Multicompany
@ -528,7 +528,7 @@ else
}
}
print '<tr><td width="25%" valign="top">'.$langs->trans("Description").'</td>';
print '<tr><td class="tdtop">'.$langs->trans("Description").'</td>';
print '<td class="valeur">';
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
$doleditor=new DolEditor('note',$object->note,'',240,'dolibarr_notes','',true,false,$conf->global->FCKEDITOR_ENABLE_SOCIETE,ROWS_8,'90%');
@ -536,7 +536,7 @@ else
print '</td>';
print "</tr>\n";
// Other attributes
$parameters=array('colspan' => ' colspan="2"');
$parameters=array();
$reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$object,$action); // Note that $action and $object may have been modified by hook
if (empty($reshook) && ! empty($extrafields->attribute_label))
{